http://www.perlmonks.org?node_id=206647

I just noticed this post and I was shocked to find that PerlMonks website lets to use javascript schema in links. It is highly insecure as it lets mailcious user to make a node with javascript link that for example steals user cookies when clicked. And AFAIK there are exist some other browser specific URI schemas which may be dangerous as well. IMHO only safe schemas like 'http', 'https', 'ftp' and 'mailto' should be allowed in links.

--
Ilya Martynov, ilya@iponweb.net
CTO IPonWEB (UK) Ltd
Quality Perl Programming and Unix Support UK managed @ offshore prices - http://www.iponweb.net
Personal website - http://martynov.org